XMLWordPrintableJSON

    Details

    • Type: Sub-task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.2.0
    • Component/s: SCM HA, Security
    • Labels:
      None

      Description

      Only the leader can do the INIT to have root. And followers only sync from the leader in the bootstrap process.

      After the root, every SCM will add their own certs upon the root. The root cert and sub certs are signed by the leader so that they can trust each other. For now, SCM only creates self-signed certs.

      We need to change init mode to rely on the root certs from the leader. Init workflow will need to wait for the other SCMs to hold and we make sure only 1 SCM is generating the root cert. 

        Attachments

        1. SCM HA Security - v.012020.pdf
          153 kB
          Xiaoyu Yao

          Issue Links

            Activity

              People

              • Assignee:
                bharat Bharat Viswanadham
                Reporter:
                timmylicheng Li Cheng
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: